Author Topic: [Inactive] Low memory alerts, computer running slow, chrome browser shuts down  (Read 2256 times)

Offline slimhall

  • Bronze Member
  • Posts: 1
DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by Steven at 11:10:17 on 2016-03-31
Microsoft Windows 10 Pro  10.0.10586.0.1252.1.1033.18.8097.3439 [GMT -5:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Enabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\PickerHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\bcastdvr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\GamePanel.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\System32\NetworkUXBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: Virtual Keyboard Plugin: {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
BHO: Content Blocker Plugin: {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
BHO: Safe Money Plugin: {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
uRun: [GoogleChromeAutoLaunch_F24911D7A7038F5FFBF2DBF664E78DA0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [HP Officejet Pro 8610 (NET)] "C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe" -deviceID "CN46IC3050:NW" -scfn "HP Officejet Pro 8610 (NET)" -AutoStart 1
uRun: [Amazon Music] "C:\Users\Steven\AppData\Local\Amazon Music\Amazon Music Helper.exe"
uRun: [OneDrive] "C:\Users\Steven\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SafeModeBlockNonAdmins = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{c1926084-f2f5-441e-9f55-e09815e04c11} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{c1926084-f2f5-441e-9f55-e09815e04c11}\45F677E65605C6163656F57457563747 : DHCPNameServer = 172.20.1.1
TCP: Interfaces\{c1926084-f2f5-441e-9f55-e09815e04c11}\8686F6E6F62737 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{c1926084-f2f5-441e-9f55-e09815e04c11}\F66666963656 : DHCPNameServer = 192.168.0.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Virtual Keyboard Plugin: {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-BHO: Content Blocker Plugin: {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-BHO: Safe Money Plugin: {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SafeModeBlockNonAdmins = dword:1
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);C:\WINDOWS\System32\drivers\cm_km_w.sys [2015-6-27 247016]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
R0 SurfacePciController;SurfacePciController;C:\WINDOWS\System32\drivers\SurfacePciController.sys [2014-10-8 35440]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 klhk;Kaspersky Lab service driver;C:\WINDOWS\System32\drivers\klhk.sys [2015-7-24 227512]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\drivers\klim6.sys [2015-6-27 39792]
R1 klpd;klpd;C:\WINDOWS\System32\drivers\klpd.sys [2015-6-27 24944]
R1 klwfp;klwfp;C:\WINDOWS\System32\drivers\klwfp.sys [2015-6-27 77680]
R1 Klwtp;Klwtp;C:\WINDOWS\System32\drivers\klwtp.sys [2015-6-27 89272]
R1 kneps;kneps;C:\WINDOWS\System32\drivers\kneps.sys [2015-6-27 190648]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 AVP15.0.2;Kaspersky Anti-Virus Service 15.0.2;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [2015-6-27 194000]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-1-8 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-1-8 1773696]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-3-2 2828016]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-1-28 803856]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-9-18 14624]
R2 kldisk;kldisk;C:\WINDOWS\System32\drivers\kldisk.sys [2015-6-27 64368]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-9-5 743688]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 BthA2DP;Bluetooth Stereo;C:\WINDOWS\System32\drivers\BthA2DP.sys [2015-10-30 165376]
R3 BthHFAud;Bluetooth Hands-Free;C:\WINDOWS\System32\drivers\BthHfAud.sys [2015-10-30 36864]
R3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-1-13 245760]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
R3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-3-4 30512]
R3 klflt;Kaspersky Lab Kernel DLL;C:\WINDOWS\System32\drivers\klflt.sys [2015-7-24 159960]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\drivers\klkbdflt.sys [2015-6-27 49008]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\drivers\klmouflt.sys [2015-6-27 48504]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 mrvlpcie8897;mrvlpcie8897;C:\WINDOWS\System32\drivers\mrvlpcie8897.sys [2016-1-7 1058832]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-9-16 423144]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 SensorsHIDClassDriver;UMDF Reflector service for Sensors HID Class Driver;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
R3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 SurfaceAccessoryDevice;Surface Accessory Device Service;C:\WINDOWS\System32\drivers\SurfaceAccessoryDevice.sys [2014-8-13 51856]
R3 SurfaceCapacitiveHomeButton;Surface Home Button Service;C:\WINDOWS\System32\drivers\SurfaceCapacitiveHomeButton.sys [2014-11-27 44152]
R3 SurfaceDisplayCalibration;Surface Display Calibration Service;C:\WINDOWS\System32\drivers\SurfaceDisplayCalibration.sys [2014-8-13 41616]
R3 SurfaceIntegrationDriver;Surface Integration Driver;C:\WINDOWS\System32\drivers\SurfaceIntegrationDriver.sys [2014-12-9 49776]
R3 SurfacePenDriver;SurfacePenDriver Service;C:\WINDOWS\System32\drivers\SurfacePenDriver.sys [2016-1-27 102552]
R3 TrueColor;TrueColor Service;C:\WINDOWS\System32\drivers\TrueColor.sys [2014-7-7 35952]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-10-30 24576]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S0 klelam;klelam;C:\WINDOWS\System32\drivers\klelam.sys [2012-7-27 29616]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-9-14 136048]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-1-29 327296]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-13 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-9-14 136048]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2015-9-5 122160]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS_GPIO;Intel(R) Serial IO GPIO Driver;C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [2015-7-31 24568]
S3 iaLPSS_I2C;Intel(R) Serial IO I2C Driver;C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys [2015-7-31 99320]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-10-28 474376]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 MiraDispKmd;Kernel Mode Miracast Filter Driver;C:\WINDOWS\System32\drivers\MiraDispKmd.sys [2015-10-30 23552]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2015-7-31 263896]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 ssudcdf;SAMSUNG Mobile Mode Changer Device;C:\WINDOWS\System32\drivers\ssudcdf.sys [2014-1-22 36608]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2015-9-5 214832]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudserd.sys [2015-9-7 206080]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 SurfaceTypeCover;Surface Type Cover Filter Device Service;C:\WINDOWS\System32\drivers\SurfaceTypeCover.sys [2015-11-1 67592]
S3 SurfaceTypeCoverV3Integration;Surface Type Cover Integration Service;C:\WINDOWS\System32\drivers\SurfaceTypeCoverV3Integration.sys [2015-11-1 52760]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2015-1-27 26880]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-2 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-3-2 29696]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-03-24 14:31:10   --------   d-----w-   C:\Program Files\iPod
2016-03-24 14:31:10   --------   d-----w-   C:\Program Files (x86)\iTunes
2016-03-24 14:31:09   --------   d---a-w-   C:\Program Files\iTunes
2016-03-11 02:32:59   258560   ----a-w-   C:\WINDOWS\System32\UserDataAccountApis.dll
2016-03-02 16:27:53   8705672   ----a-w-   C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2016-03-02 16:26:54   375808   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll
.
==================== Find3M  ====================
.
2016-03-21 15:59:30   89272   ----a-w-   C:\WINDOWS\System32\drivers\klwtp.sys
2016-03-21 15:59:30   77680   ----a-w-   C:\WINDOWS\System32\drivers\klwfp.sys
2016-03-21 15:59:28   478392   ----a-w-   C:\WINDOWS\System32\drivers\kl1.sys
2016-03-21 15:58:25   48504   ----a-w-   C:\WINDOWS\System32\drivers\klmouflt.sys
2016-03-21 15:58:23   49008   ----a-w-   C:\WINDOWS\System32\drivers\klkbdflt.sys
2016-03-21 15:58:20   227512   ----a-w-   C:\WINDOWS\System32\drivers\klhk.sys
2016-03-08 07:12:26   829944   ----a-w-   C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-03-08 07:12:26   176632   ----a-w-   C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-03-01 05:31:29   848168   ----a-w-   C:\WINDOWS\System32\mfsvr.dll
2016-03-01 05:22:47   709688   ----a-w-   C:\WINDOWS\SysWow64\mfsvr.dll
2016-02-24 09:52:06   1997328   ----a-w-   C:\WINDOWS\System32\KernelBase.dll
2016-02-24 09:51:58   7474528   ----a-w-   C:\WINDOWS\System32\ntoskrnl.exe
2016-02-24 09:48:32   713568   ----a-w-   C:\WINDOWS\System32\invagent.dll
2016-02-24 09:47:03   1173344   ----a-w-   C:\WINDOWS\System32\aeinv.dll
2016-02-24 09:40:06   513888   ----a-w-   C:\WINDOWS\System32\devinv.dll
2016-02-24 09:34:50   1613664   ----a-w-   C:\WINDOWS\System32\diagtrack.dll
2016-02-24 09:28:35   3449168   ----a-w-   C:\WINDOWS\System32\WSService.dll
2016-02-24 09:15:07   1557768   ----a-w-   C:\WINDOWS\SysWow64\KernelBase.dll
2016-02-24 08:58:26   794888   ----a-w-   C:\WINDOWS\System32\mfds.dll
2016-02-24 08:51:24   1322248   ----a-w-   C:\WINDOWS\System32\ole32.dll
2016-02-24 08:50:49   808800   ----a-w-   C:\WINDOWS\System32\WWAHost.exe
2016-02-24 08:46:25   6607080   ----a-w-   C:\WINDOWS\System32\windows.storage.dll
2016-02-24 08:43:01   625000   ----a-w-   C:\WINDOWS\System32\ClipSVC.dll
2016-02-24 08:39:30   141560   ----a-w-   C:\WINDOWS\System32\AuthHost.exe
2016-02-24 08:39:01   358752   ----a-w-   C:\WINDOWS\System32\msv1_0.dll
2016-02-24 08:19:18   670928   ----a-w-   C:\WINDOWS\SysWow64\mfds.dll
2016-02-24 08:14:23   216416   ----a-w-   C:\WINDOWS\System32\AppxAllUserStore.dll
2016-02-24 08:11:46   957608   ----a-w-   C:\WINDOWS\SysWow64\ole32.dll
2016-02-24 08:11:07   258280   ----a-w-   C:\WINDOWS\System32\sqmapi.dll
2016-02-24 08:11:03   652392   ----a-w-   C:\WINDOWS\System32\dxgi.dll
2016-02-24 08:11:03   394080   ----a-w-   C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-02-24 08:11:03   1997152   ----a-w-   C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-02-24 08:11:01   703840   ----a-w-   C:\WINDOWS\SysWow64\WWAHost.exe
2016-02-24 08:10:54   576864   ----a-w-   C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-02-24 08:10:52   630632   ----a-w-   C:\WINDOWS\System32\fontdrvhost.exe
2016-02-24 08:09:58   640472   ----a-w-   C:\WINDOWS\System32\wer.dll
2016-02-24 08:09:49   147808   ----a-w-   C:\WINDOWS\System32\wermgr.exe
2016-02-24 08:06:39   5242496   ----a-w-   C:\WINDOWS\SysWow64\windows.storage.dll
2016-02-24 07:59:11   294752   ----a-w-   C:\WINDOWS\SysWow64\msv1_0.dll
2016-02-24 07:39:44   23552   ----a-w-   C:\WINDOWS\System32\ExtrasXmlParser.dll
2016-02-24 07:39:34   45568   ----a-w-   C:\WINDOWS\System32\UserDataTypeHelperUtil.dll
2016-02-24 07:38:35   187744   ----a-w-   C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-02-24 07:38:12   111616   ----a-w-   C:\WINDOWS\System32\UserDataTimeUtil.dll
2016-02-24 07:37:58   45056   ----a-w-   C:\WINDOWS\System32\UserDataLanguageUtil.dll
2016-02-24 07:36:17   60416   ----a-w-   C:\WINDOWS\System32\PimIndexMaintenanceClient.dll
2016-02-24 07:35:26   220064   ----a-w-   C:\WINDOWS\SysWow64\sqmapi.dll
2016-02-24 07:35:24   523752   ----a-w-   C:\WINDOWS\SysWow64\dxgi.dll
2016-02-24 07:35:18   45568   ----a-w-   C:\WINDOWS\System32\atmlib.dll
2016-02-24 07:35:08   540752   ----a-w-   C:\WINDOWS\SysWow64\fontdrvhost.exe
2016-02-24 07:33:53   141664   ----a-w-   C:\WINDOWS\SysWow64\wermgr.exe
2016-02-24 07:33:49   538736   ----a-w-   C:\WINDOWS\SysWow64\wer.dll
2016-02-24 07:31:49   118272   ----a-w-   C:\WINDOWS\System32\fontsub.dll
2016-02-24 07:30:18   25600   ----a-w-   C:\WINDOWS\System32\wfapigp.dll
2016-02-24 07:28:12   70656   ----a-w-   C:\WINDOWS\System32\POSyncServices.dll
2016-02-24 07:23:20   68096   ----a-w-   C:\WINDOWS\System32\UserDataPlatformHelperUtil.dll
2016-02-24 07:23:20   112640   ----a-w-   C:\WINDOWS\System32\drivers\bthenum.sys
2016-02-24 07:23:09   91648   ----a-w-   C:\WINDOWS\System32\asycfilt.dll
2016-02-24 07:22:03   196608   ----a-w-   C:\WINDOWS\System32\fwpolicyiomgr.dll
2016-02-24 07:20:57   167936   ----a-w-   C:\WINDOWS\System32\dafBth.dll
2016-02-24 07:20:35   195072   ----a-w-   C:\WINDOWS\System32\VCardParser.dll
2016-02-24 07:20:00   87552   ----a-w-   C:\WINDOWS\System32\AppxSysprep.dll
2016-02-24 07:19:56   31232   ----a-w-   C:\WINDOWS\System32\seclogon.dll
2016-02-24 07:19:10   145408   ----a-w-   C:\WINDOWS\System32\dssvc.dll
2016-02-24 07:15:29   365568   ----a-w-   C:\WINDOWS\System32\atmfd.dll
2016-02-24 07:14:00   274944   ----a-w-   C:\WINDOWS\System32\ExSMime.dll
2016-02-24 07:13:57   121856   ----a-w-   C:\WINDOWS\System32\AppointmentActivation.dll
2016-02-24 07:12:54   243712   ----a-w-   C:\WINDOWS\System32\cemapi.dll
2016-02-24 07:12:03   221184   ----a-w-   C:\WINDOWS\System32\PhoneCallHistoryApis.dll
2016-02-24 07:10:05   93184   ----a-w-   C:\WINDOWS\System32\wpninprc.dll
2016-02-24 07:09:00   161792   ----a-w-   C:\WINDOWS\System32\AppxSip.dll
2016-02-24 07:07:53   252928   ----a-w-   C:\WINDOWS\System32\PimIndexMaintenance.dll
2016-02-24 07:05:00   208896   ----a-w-   C:\WINDOWS\System32\storewuauth.dll
2016-02-24 07:03:16   88576   ----a-w-   C:\WINDOWS\SysWow64\olepro32.dll
2016-02-24 07:02:17   161280   ----a-w-   C:\WINDOWS\System32\CallHistoryClient.dll
2016-02-24 07:01:56   146432   ----a-w-   C:\WINDOWS\System32\AuthBroker.dll
2016-02-24 07:01:21   764928   ----a-w-   C:\WINDOWS\System32\Chakradiag.dll
2016-02-24 07:01:15   67584   ----a-w-   C:\WINDOWS\System32\profext.dll
2016-02-24 07:00:00   214528   ----a-w-   C:\WINDOWS\System32\Windows.Devices.Scanners.dll
2016-02-24 06:59:55   450560   ----a-w-   C:\WINDOWS\System32\Windows.Internal.Bluetooth.dll
2016-02-24 06:59:44   318976   ----a-w-   C:\WINDOWS\System32\domgmt.dll
2016-02-24 06:59:32   360448   ----a-w-   C:\WINDOWS\System32\vaultsvc.dll
2016-02-24 06:58:29   685568   ----a-w-   C:\WINDOWS\System32\scapi.dll
2016-02-24 06:55:57   790528   ----a-w-   C:\WINDOWS\System32\EmailApis.dll
2016-02-24 06:55:39   224256   ----a-w-   C:\WINDOWS\System32\PackageStateRoaming.dll
2016-02-24 06:55:08   18944   ----a-w-   C:\WINDOWS\SysWow64\ExtrasXmlParser.dll
2016-02-24 06:54:57   37888   ----a-w-   C:\WINDOWS\SysWow64\UserDataTypeHelperUtil.dll
2016-02-24 06:54:55   228352   ----a-w-   C:\WINDOWS\System32\wsqmcons.exe
2016-02-24 06:54:45   288768   ----a-w-   C:\WINDOWS\System32\vaultcli.dll
2016-02-24 06:54:09   526336   ----a-w-   C:\WINDOWS\System32\FirewallAPI.dll
2016-02-24 06:53:47   89088   ----a-w-   C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
2016-02-24 06:53:35   37888   ----a-w-   C:\WINDOWS\SysWow64\UserDataLanguageUtil.dll
2016-02-24 06:52:12   48128   ----a-w-   C:\WINDOWS\SysWow64\PimIndexMaintenanceClient.dll
2016-02-24 06:52:11   451584   ----a-w-   C:\WINDOWS\System32\werui.dll
2016-02-24 06:51:21   37376   ----a-w-   C:\WINDOWS\SysWow64\atmlib.dll
2016-02-24 06:49:50   726528   ----a-w-   C:\WINDOWS\System32\ChatApis.dll
2016-02-24 06:47:58   93696   ----a-w-   C:\WINDOWS\SysWow64\fontsub.dll
2016-02-24 06:46:33   20480   ----a-w-   C:\WINDOWS\SysWow64\wfapigp.dll
2016-02-24 06:44:46   56320   ----a-w-   C:\WINDOWS\SysWow64\POSyncServices.dll
2016-02-24 06:44:19   700416   ----a-w-   C:\WINDOWS\System32\AppointmentApis.dll
2016-02-24 06:44:18   1713664   ----a-w-   C:\WINDOWS\System32\SRHInproc.dll
.
============= FINISH: 11:10:31.54 ===============

Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Pro
Boot Device: \Device\HarddiskVolume2
Install Date: 12/13/2015 3:04:20 PM
System Uptime: 3/31/2016 9:38:55 AM (2 hours ago)
.
Motherboard: Microsoft Corporation |  | Surface Pro 3
Processor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz | SOCKET 0 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 232 GiB total, 29.024 GiB free.
D: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP19: 3/15/2016 9:25:51 PM - Windows Update
RP20: 3/23/2016 7:22:46 PM - Windows Update
.
==== Installed Programs ======================
.
Amazon Music
ANT Drivers Installer x64
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Bonjour
Dropbox
Dropbox Update Helper
Elevated Installer
EPUB Converter 9.5.4
EPubsoft Kindle MOBI AZW DRM Removal 8.3.5
Garmin Express
Garmin Express Tray
Google Chrome
Google Drive
Google Update Helper
HP FWUpdateEDO2
HP Officejet Pro 8610 Basic Device Software
HP Officejet Pro 8610 Help
HP Update
HPDiagnosticAlert
I.R.I.S. OCR
iCloud
Intel(R) Processor Graphics
iTunes
Kaspersky Internet Security
Microsoft Office Professional Plus 2013 - en-us
Microsoft Silverlight
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Minecraft
MyFreeCodec
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Personal Vault 1.4
Product Improvement Study for HP Officejet Pro 8610
QuickTime 7
Samsung USB Driver for Mobile Phones
Skype Click to Call
Skype™ 7.21
Smart Switch
TurboTax 2014
TurboTax 2014 WinPerFedFormset
TurboTax 2014 WinPerReleaseEngine
TurboTax 2014 WinPerTaxSupport
TurboTax 2014 wndiper
TurboTax 2014 wrapper
Ultima Online Second Age 5.0.8.3
UO Auto-Map 9.0.0
Update for Microsoft en-us Dictionary
Ventrilo Client for Windows x64
VMSPro
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)
.
==== Event Viewer Messages From Past Week ========
.
3/30/2016 8:43:00 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
3/30/2016 8:42:00 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Apple Mobile Device Service service.
3/30/2016 7:57:00 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
3/30/2016 7:57:00 AM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
3/30/2016 7:57:00 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
3/30/2016 12:55:26 AM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
3/30/2016 12:24:12 PM, Error: Service Control Manager [7031]  - The User Data Storage_4c76a1e service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/30/2016 12:24:12 PM, Error: Service Control Manager [7031]  - The User Data Access_4c76a1e service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/30/2016 12:24:12 PM, Error: Service Control Manager [7031]  - The Sync Host_4c76a1e service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/30/2016 12:24:12 PM, Error: Service Control Manager [7031]  - The Contact Data_4c76a1e service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/30/2016 12:24:12 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/30/2016 1:00:39 AM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca as Unavailable/Unavailable. The error: "15616" Happened while starting this command: "C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
3/28/2016 2:05:21 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_32094ab service to connect.
3/28/2016 2:05:21 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_32094ab service to connect.
3/28/2016 2:05:10 PM, Error: Service Control Manager [7031]  - The User Data Storage_32094ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 2:05:10 PM, Error: Service Control Manager [7031]  - The User Data Access_32094ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 2:05:10 PM, Error: Service Control Manager [7031]  - The Sync Host_32094ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 2:05:10 PM, Error: Service Control Manager [7031]  - The Contact Data_32094ab service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 2:05:07 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user SurfaceOfSteve\Steven SID (S-1-5-21-1934012671-2486187562-4064924223-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/28/2016 2:05:04 PM, Error: Service Control Manager [7031]  - The User Data Storage_4b2f9b6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 2:05:04 PM, Error: Service Control Manager [7031]  - The User Data Access_4b2f9b6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 2:05:04 PM, Error: Service Control Manager [7031]  - The Sync Host_4b2f9b6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 2:05:04 PM, Error: Service Control Manager [7031]  - The Contact Data_4b2f9b6 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/28/2016 1:56:58 PM, Error: MTConfig [1]  - An attempt to configure the input mode of a multitouch device failed.
3/27/2016 3:16:18 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {3185A766-B338-11E4-A71E-12E3F512A338}  and APPID  {7006698D-2974-4091-A424-85DD0B909E23}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/27/2016 2:38:45 AM, Error: Service Control Manager [7031]  - The User Data Storage_1a63a80 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:38:45 AM, Error: Service Control Manager [7031]  - The User Data Access_1a63a80 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:38:45 AM, Error: Service Control Manager [7031]  - The Sync Host_1a63a80 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:38:45 AM, Error: Service Control Manager [7031]  - The Contact Data_1a63a80 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:38:38 AM, Error: Service Control Manager [7031]  - The User Data Storage_ad249 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:38:38 AM, Error: Service Control Manager [7031]  - The User Data Access_ad249 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:38:38 AM, Error: Service Control Manager [7031]  - The Sync Host_ad249 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:38:38 AM, Error: Service Control Manager [7031]  - The Contact Data_ad249 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/27/2016 2:36:57 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user SurfaceOfSteve\steve_000 SID (S-1-5-21-1934012671-2486187562-4064924223-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/27/2016 2:27:05 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
3/27/2016 12:40:00 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca  and APPID  Unavailable  to the user SurfaceOfSteve\Steven SID (S-1-5-21-1934012671-2486187562-4064924223-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/27/2016 10:51:28 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_1a63a80 service to connect.
3/27/2016 10:51:27 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_1a63a80 service, but this action failed with the following error:  An instance of the service is already running.
3/27/2016 10:51:27 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_1a63a80 service to connect.
3/27/2016 1:41:01 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca  and APPID  Unavailable  to the user SurfaceOfSteve\steve_000 SID (S-1-5-21-1934012671-2486187562-4064924223-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/26/2016 12:56:02 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\System32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
3/26/2016 12:56:02 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: CortanaUI.AppXjxtspbn4351hrtx8tc95e89kaz3h2f1f.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
3/26/2016 10:19:39 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
3/26/2016 10:19:38 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppX65azfy60a5wn91mcvdd3dr2y0wj02n39.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
3/26/2016 10:19:31 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  App.AppX65azfy60a5wn91mcvdd3dr2y0wj02n39.mca  and APPID  Unavailable  to the user SurfaceOfSteve\Steven SID (S-1-5-21-1934012671-2486187562-4064924223-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/25/2016 12:18:05 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_83325 service to connect.
3/25/2016 12:18:05 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_83325 service to connect.
3/25/2016 12:17:55 AM, Error: Service Control Manager [7031]  - The User Data Storage_83325 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/25/2016 12:17:55 AM, Error: Service Control Manager [7031]  - The User Data Access_83325 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/25/2016 12:17:55 AM, Error: Service Control Manager [7031]  - The Sync Host_83325 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/25/2016 12:17:55 AM, Error: Service Control Manager [7031]  - The Contact Data_83325 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/24/2016 9:45:22 AM, Error: Service Control Manager [7031]  - The User Data Storage_5840a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/24/2016 9:45:22 AM, Error: Service Control Manager [7031]  - The User Data Access_5840a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/24/2016 9:45:22 AM, Error: Service Control Manager [7031]  - The Sync Host_5840a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/24/2016 9:45:22 AM, Error: Service Control Manager [7031]  - The Contact Data_5840a service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
3/24/2016 8:22:18 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
3/24/2016 8:21:48 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
3/24/2016 1:30:00 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
.
==== End Of File ===========================

Thank you for your help!

Steve
« Last Edit: April 18, 2016, 03:31:10 PM by Hoov »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27132
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Sorry for the delay in helping you.

Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem.Also tell me any other problems you are having, no matter how small or long you have been dealing with them.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your harddrive.

One last thing, I need you to tell me if this computer belongs to a school or to a company or orginization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

Now onto trying to fix your computer.

 Does this happen when you first start the computer? Or does it only happen after you have been running the computer for a while?

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!